Security: Identity Management, RBAC, Authentication and Authorization
Show Overview: Brian and Tyler continue their focus on Security with Marc Boorshtein (@mlbiam, CTO of @tremolosecurity), discussing Identity Management, Container and Kubernetes Authorization and Authentication, RBAC, and how IT teams evolve to manage security in more agile environments.
- PodCTL #14 - Security: Hosts, Registries, Content and Pipelines
- [Video] Identity Management and Compliance
- [Video] DevOps Identity Management
- [Website] Tremolo Security
- 10 Layers of Container Security
- Open Source k8s SSO project
- Open Source OpenShift Identity Manager project
Topic 1 - Let’s talk about User authentication in Kubernetes>
- Certificate Authentication
- OpenID Connect
- Reverse Proxy
Topic 2 - Let’s dig into the various types of Authorizations
- Overview of RBAC (Role-Based Access Control)
- Mapping of Roles to Users and Groups
- Organizational Challenges
Topic 3 - Given that various people (Devs & Ops) interact with dashboards, how do we manage that Authentication?
Topic 4 - How are organizations evolving to keep up with this more agile form of software development and the associated security challenges?